Google to make app changes after Irish study reveals 'concerning' amount of personal data collated
Information includes the phone number of the handset of every text message sent — together with a unique snapshot of the text in question — and the time and duration of each call made.
Google has committed to making a number of changes to its texting and phone call apps after an Irish study revealed that reams of personal information were being collated by the tech giant.
The company’s messages and Dialer apps, used by millions of Android phone users globally, currently send huge amounts of data to Google every time a text is sent or a phone call is made, according to the study, authored by Professor Doug Leith from Trinity College Dublin’s School of Computer Science.
That information includes the phone number of the handset of every text message sent — together with a unique snapshot of the text in question — and the time and duration of each call made.
In addition, for every text and call made from a handset, the unique Android ID of the phone in question is also sent back to Google. This means the real-world identification of the caller or texter is linked to the communication, given a phone number is required to establish a Google account.
Such information could also be linked to a sender’s credit card or bank details should they have ever paid for an app via Google’s Play Store.
User interactions with the apps are also recorded, including whenever someone views a text conversation, or searches their contacts, allowing a “detailed picture of app usage over time to be reconstructed by Google” according to the study.
Google had not responded to a request for comment at the time of publication. However, the company told the researchers, in its words, that it would change how the apps function to make explicit it is in fact Google products, while a new ‘on-off’ toggle option would be included in order to turn off “data Google does not consider to be essential for the app to function”. What data is considered to be essential was not made clear.
The retention of consumer data by the likes of phone companies is a hot topic at present, not least due to the fact Ireland is currently out of step with European law on the issue, a fact which has led to speculation that certain convictions such as that of murderer Graham Dwyer could be in jeopardy due to how evidence was accessed by gardaí.
Whether Google’s data transfer policies regarding the messages and Dialer apps are in line with the law is unclear. Asked for comment regarding the Trinity study, the Data Protection Commission said it “has not yet seen this report”, but said it would be “happy to examine further” should the researchers make contact.
Prof Leith said he was “surprised to see such obviously sensitive data being collected by these Google apps”.
He said the fact no ‘opt-out’ in terms of the data sent to Google by the two apps exists, while no consent is sought for the same data collection, is “extremely concerning”.
“Hopefully our work will act as a wake-up call to the public, politicians and data regulators,” he said. “It really is time we started to take meaningful action to give people full information on the data that leaves their phones.”
While use of the messages and Dialer apps is optional for Android users, the two applications are the default pre-installed option for many newer handsets, including Samsung, Google, and Huawei phones.
CONNECT WITH US TODAY
Be the first to know the latest news and updates
